For the past few weeks I’ve been working away on a paper that tries to bring together some of the CRTC filings that I’ve been reading for the past few months. This is a slightly revised and updated version of a paper that I presented to the Infoscape research lab recently. Many thanks to Fenwick Mckelvey for taking the lead to organize that, and also to Mark Goldberg for inviting me to the Canadian Telecom Summit, where I gained an appreciation for some of the issues and discussions that Canadian ISPs are presently engaged in.
Abstract:
Canadian ISPs are developing contemporary netscapes of power. Such developments are evidenced by ISPs categorizing, and discriminating against, particular uses of the Internet. Simultaneously, ISPs are disempowering citizens by refusing to disclose the technical information needed to meaningfully contribute to network-topology and packet discrimination discussions. Such power relationships become stridently manifest when observing Canadian public and regulatory discourse about a relatively new form of network management technology, deep packet inspection. Given the development of these netscapes, and Canadian ISPs’ general unwillingness to transparently disclose the technologies used to manage their networks, privacy advocates concerned about deep packet networking appliances abilities to discriminate between data traffic should lean towards adopting a ‘fundamentalist’, rather than a ‘pragmatic’, attitude concerning these appliances. Such a position will help privacy advocates resist the temptation of falling prey to case-by-case analyses that threaten to obfuscate these device’s full (and secretive) potentialities.
Full paper available for download here. Comments are welcome; either leave them here on the blog, or fire something to the email address listed on the first page of the paper.
I’m in the process of pulling together some privacy-related thoughts surrounding Canadian ISPs’ use of DPI equipment. I’ve posted an early draft of the document, and invite comments and thoughts. If you want to prepare your own comments, you’ve still got until February 23rd.
I’ve just posted a document that draws together the CRTC’s February 4, 11, and 12 filings for PN 2008-19. The document ties ISPs with categories of anonymous data for easy reference, and is also meant to contextualize each data set by reproducing the questions that led ISPs to develop these data sets in the first place.
Items of note:
- Responses to question 1 (a) show that, save for a single ISP, ISPs’ annual percentage growth of total traffic volume has decreased. ISPs required to anonymously submit data: Barrett, Bell Canada et al., Cogeco, MTS Allstream, QMI (Videotron), Rogers, Sasktel, Shaw, Telus.
- Responses to question 1 (b) show that the percentage of HTTP/Streaming traffic has increased, two companies report that the percentage of P2P traffic has increased and two report it has decreased slightly, UDP traffic has increased slightly, and the “Other” category now accounts for a smaller percentage of total traffic than in the first months measured. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Bragg, Rogers, and Shaw.
- Responses to 2 (a) reveal the annual percentage growth of monthly average usage per end-user. We find that growth is occurring on company networks, and that this growth has been uneven (e.g. Company A experienced 16% growth one year, 47% the next, and 13% in the final year). This suggests, to me, that developing an accurate forecast of expected bandwidth growth would be challenging. Without knowing what companies are associated with each data set, it is challenging for analysts to determine if Network Management Technologies might be responsible for the changes in growth rates. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Cogeco, MTS Allstream, QMI (Videotron), Rogers, and Telus.
- Responses to 2 (b) discuss the percentage growth for ISPs’ top 5% and 10% users. Data for the top 5% shows that two companies experienced negative growth in 2007-2008, one only 2% growth in 2007-2008, and the last a 25% growth. Data for the top 10% shows that two companies experienced negative growth in 2007-2008, one 1% growth, and the last a 25% growth. ISPs required to anonymously submit data: Bell Canada et al. (for Bell Wireline), Cogeco, MTS Allstream, QMI (Videotron), Rogers, and Telus.
- Responses to 2 (c) identify how much of the total traffic that top 5% and 10% users account for. Top 5% account for 37%-56% of total traffic. The top 10% account for 52%-74%. These are fairly damning numbers, given that they clearly demonstrate that massive proportions of the network are being used by a relatively small minority of users. ISPs required to anonymously submit data: Barrett, Bell Canada et al. (for Bell Wireline), Bragg, Cogeco, MTS Allstream, Primus, QMI (Videotron), Rogers, Shaw, and Telus.
- Responses to 2 (d) break down the application usage numbers for the top 5% and 10% of ISPs’ users. For the top 5% of users, HTTP/Streaming has remained relatively constant, P2P use decreased for only one company, UDP traffic is up, and “Other” traffic has decreased for two of three companies. For the top 10% of users, HTTP/Streaming traffic makes up a higher percentage of total traffic, in all but one case P2P traffic represents a larger percentage of total traffic, UDP is up, and “Other” is down for two of three companies. ISPs required to anonymously submit data: Bell Canada et al. (for Bell Wireline), Bragg, and Shaw.
I’ve updated my initial ISP Filing Summary document with the information that ISPs provided on February 9, 2008 per the CRTC’s February 4, 2009 request. Updates to the document are made in blue. The updates to not include Videotron’s response to 1 (c).
I would maintain that the most interesting parts of was was released have been summarized in a post from two days ago, which was entitled “Update: CRTC PN 2008-19 Filings“. Tomorrow, I should be posting a document that correlates data the CRTC aggregated and anonymized with the ISPs who were required to release anonymized data. My hope is that this will make it a bit clearer who data might be associated with.
